> Are there any SA methods that allow verification of the ‘sender’ of an email ?
>
> I am aware of SPF which can confirm that a host at ip address x.x.x.x is
> authorized to send mail as from domain “A”, but how about a means to
> confirm that [EMAIL PROTECTED] actually is a real user before
> accepting mail from him ?
Exim can do that in the ACL rules using a verify=sender clause. I use that, and a few other checks, to identify probable spam that can be rejected without bothering to pass it through SpamAssassin. (And with Exim, it is easy to do the rejection while the SMTP connection is still open.)
http://www.exim.org/
Note that it doesn't actually verify whether or not the sender exists; but whether that address is likely to accept a non-delivery notice.
-Pat
